Commit e8063d6f authored by Michael Kozono

Merge branch 'update-dast-report-examples' into 'master'

Update DAST reports to include Common Report Format fields

Closes #14053

See merge request gitlab-org/gitlab!21014
parents e7ffb1aa 37db7102
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
...@@ -21,7 +21,7 @@ describe Gitlab::Ci::Parsers::Security::Dast do ...@@ -21,7 +21,7 @@ describe Gitlab::Ci::Parsers::Security::Dast do
:last_occurrence_path, :last_occurrence_path,
:last_occurrence_severity, :last_occurrence_severity,
:last_occurrence_confidence) do :last_occurrence_confidence) do
:dast | 24 | 15 | 1 | 'http://goat:8080' | 'GET' | '/WebGoat/start.mvc' | 'info' | 'low' :dast | 24 | 15 | 1 | 'http://goat:8080' | 'GET' | '/WebGoat/plugins/bootstrap/css/bootstrap.min.css' | 'info' | 'low'
:dast_multiple_sites | 25 | 15 | 1 | 'https://goat:8080' | 'GET' | '/WebGoat/registration' | 'high' | 'medium' :dast_multiple_sites | 25 | 15 | 1 | 'https://goat:8080' | 'GET' | '/WebGoat/registration' | 'high' | 'medium'
:dast_deprecated | 2 | 3 | 1 | 'http://bikebilly-spring-auto-devops-review-feature-br-3y2gpb.35.192.176.43.xip.io' | 'GET' | '/' | 'low' | 'medium' :dast_deprecated | 2 | 3 | 1 | 'http://bikebilly-spring-auto-devops-review-feature-br-3y2gpb.35.192.176.43.xip.io' | 'GET' | '/' | 'low' | 'medium'
end end
......
...@@ -15,7 +15,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do ...@@ -15,7 +15,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
end end
describe '#format_vulnerability' do describe '#format_vulnerability' do
let(:instance) { file_vulnerability['instances'][1] } let(:instance) { file_vulnerability['instances'][0] }
let(:hostname) { 'http://goat:8080' } let(:hostname) { 'http://goat:8080' }
let(:sanitized_desc) { file_vulnerability['desc'].gsub('<p>', '').gsub('</p>', '') } let(:sanitized_desc) { file_vulnerability['desc'].gsub('<p>', '').gsub('</p>', '') }
let(:sanitized_solution) { file_vulnerability['solution'].gsub('<p>', '').gsub('</p>', '') } let(:sanitized_solution) { file_vulnerability['solution'].gsub('<p>', '').gsub('</p>', '') }
...@@ -53,7 +53,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do ...@@ -53,7 +53,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
'url' => "http://projects.webappsec.org/w/page/13246974/Threat%20Classification%20Reference%20Grid" 'url' => "http://projects.webappsec.org/w/page/13246974/Threat%20Classification%20Reference%20Grid"
}) })
expect(data['location']).to eq({ expect(data['location']).to eq({
'param' => nil, 'param' => '',
'method' => 'GET', 'method' => 'GET',
'hostname' => hostname, 'hostname' => hostname,
'path' => '/WebGoat/login' 'path' => '/WebGoat/login'
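Review bot: The `'param'` entry in the `data['location']` expectation is printed as `nil` on one side and `''` on the other, so, assuming the right-hand column is the new side, the spec now pins an empty string for an instance that has no parameter. If the formatter passes the report value straight through, any consumer that detects a missing parameter with a nil check will treat `''` as present. Either normalise blank values in the formatter, or document the contract here with a comment such as `# param is '' (not nil) when the scanner reports no parameter`. The formatter is not visible on this page, so this is inferred from the expectation alone. The enclosing example also starts and ends outside the hunk.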
......